You have a Microsoft 365 subscription that uses Microsoft Exchange Online. You need to receive an alert if a user emails sensitive documents to specific external domains. What should you create?
A.
a data loss prevention (DLP) policy that uses the Privacy category
Sorry for the "C" party, but data protection policies are for filed "shared" not for file "sent" with email... so in this case a file policy won't fire (see point 7 of this link to look at a the file policy target: https://learn.microsoft.com/en-us/defender-cloud-apps/data-protection-policies#create-a-new-file-policy).
Documentation from Microsoft Defender for Cloud apps (old name MCAS) .
"Sharing with external domains - Receive an alert about any file shared with accounts owned by specific external domains. For example, files shared with a competitor's domain. Select the external domain with which you want to limit sharing."
So, correct answer is C
https://learn.microsoft.com/en-us/defender-cloud-apps/data-protection-policies
A is incorrect. Privacy categories detect and protect the type of privacy information; DLP policies restrict the transmission of information to outside parties, but privacy categories are ineligible.
B is incorrect. An activity policy cannot specify a domain. It detects multiple failed sign-ins and sign-ins from unfamiliar locations.
C is correct. File policy allows you to receive alerts about files shared with accounts owned by a specific external domain.
D is incorrect. The alerts displayed on the dashboard are just extracted by specific criteria and displayed in an easy-to-read manner.
https://learn.microsoft.com/en-us/defender-cloud-apps/data-protection-policies
Correct answer is A
To receive an alert if a user emails sensitive documents to specific external domains in a Microsoft 365 subscription that uses Microsoft Exchange Online, you should create a data loss prevention (DLP) policy that uses the Privacy category.
Option B, a Microsoft Cloud App Security activity policy, is not the correct answer because it is used to monitor and analyze user and admin activity across cloud apps, but it does not specifically monitor email attachments.
Option C, a Microsoft Cloud App Security file policy, is not the correct answer because it is used to scan files in cloud storage locations such as OneDrive and SharePoint, but it does not specifically monitor email attachments.
Option D, a DLP alert filter, is not the correct answer because it is used to filter the alerts generated by a DLP policy based on specific criteria, but it does not create the initial DLP policy.
To configure the DLP policy to send an alert when a user emails sensitive documents to specific external domains, you can follow these steps:
Open the Microsoft 365 compliance center and go to the Data loss prevention page.
Click Create a policy to create a new DLP policy.
In the Policy settings page, select the Privacy category and choose the sensitive information types that you want to protect.
In the Locations section, select the email option to apply the policy to emails.
In the Policy tips section, configure the action that you want to take when a sensitive document is detected. For example, you can send an alert to the user, manager, or administrator.
In the Policy settings section, select the external domains that you want to monitor.
Save the policy and test it to ensure that it is working as expected.
It says specific external domains so I'll go with C.
https://learn.microsoft.com/en-us/defender-cloud-apps/data-protection-policies#policies
Sharing with external domains - Receive an alert about any file shared with accounts owned by specific external domains. For example, files shared with a competitor's domain. Select the external domain with which you want to limit sharing.
its A correct, when you create a DLP policy you can use custom category or the privacy category implied, from there you do not need to set an action rather than sending alert to admin about it
This section is not available anymore. Please use the main Exam Page.SC-400 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
xlws
Highly Voted 3 years, 4 months agosivis
Highly Voted 3 years, 4 months agoPhil_79
Most Recent 2 months agoJimboJones99
9 months, 1 week agoJimboJones99
9 months, 1 week agoRAJRYB
9 months, 3 weeks agoEM1234
10 months, 3 weeks agoEsamiTopici
10 months, 3 weeks agoSDiwan
1 year, 1 month agoKodoi
1 year, 2 months agoSofteng
1 year, 2 months agoElangamban
1 year, 4 months agosamrith
1 year, 6 months agoTomasValtor
1 year, 6 months agoTomasValtor
1 year, 6 months agoTomasValtor
1 year, 6 months agoDavidf
1 year, 8 months agocris_exam
1 year, 10 months agodoori88
1 year, 10 months agoAlPL200
1 year, 11 months ago